Supporting Intel(r) SGX on Multi-Package Platforms
- URL: http://arxiv.org/abs/2507.08190v1
- Date: Thu, 10 Jul 2025 21:58:23 GMT
- Title: Supporting Intel(r) SGX on Multi-Package Platforms
- Authors: Simon Johnson, Raghunandan Makaram, Amy Santoni, Vinnie Scarlata,
- Abstract summary: Intel Software Guard Extensions (SGX) was originally released on client platforms and later extended to single socket server platforms. Various Cloud Service Providers (CSPs) are demonstrating the value of using SGX based Trusted Execution Environments (TEE) to create a new paradigm of Confidential Cloud Computing. This paper describes the additional platform enhancements we believe are necessary to deliver a user programmable Trusted Execution Environment that scales to cloud usages, performs and is secure on multi-package platforms.
- Score: 0.9472118191005167
- License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
- Abstract: Intel(r) Software Guard Extensions (SGX) was originally released on client platforms and later extended to single socket server platforms. As developers have become familiar with the capabilities of the technology, the applicability of this capability in the cloud has been tested. Various Cloud Service Providers (CSPs) are demonstrating the value of using SGX based Trusted Execution Environments (TEE) to create a new paradigm of Confidential Cloud Computing. This paper describes the additional platform enhancements we believe are necessary to deliver a user programmable Trusted Execution Environment that scales to cloud usages, performs and is secure on multi-package platforms.
Related papers
- Apple Intelligence Foundation Language Models: Tech Report 2025 [246.04717786298764]
We introduce two foundation language models that power Apple Intelligence features across Apple devices and services. Both models are trained on large-scale multilingual and multimodal datasets sourced via responsible web crawling. A new Swift-centric Foundation Models framework exposes guided generation, constrained tool calling, and LoRA adapter fine-tuning.
arXiv Detail & Related papers (2025-07-17T23:37:19Z)
- Optimizing Spot Instance Reliability and Security Using Cloud-Native Data and Tools [0.9307293959047378]
"Cloudlab" is a comprehensive, cloud-native laboratory designed to support network security research and training. By providing an adaptive and scalable environment, Cloudlab supports advanced security concepts such as role-based access control, Policy as Code, and container security.
arXiv Detail & Related papers (2025-02-04T03:25:01Z)
- Microsegmented Cloud Network Architecture Using Open-Source Tools for a Zero Trust Foundation [0.0]
This paper presents a multi-cloud networking architecture built on zero trust principles and micro-segmentation.
The proposed design includes the multi-cloud network to support a wide range of applications and workload use cases.
arXiv Detail & Related papers (2024-11-19T01:58:40Z)
- SRAS: Self-governed Remote Attestation Scheme for Multi-party Collaboration [1.6646558152898505]
In multi-party cloud computing, how to select a Relying Party to verify the TEE of each party and avoid leaking sensitive data to each other remains an open question.
We propose SRAS, an open self-governed remote attestation scheme with verification functions for verifying the trustworthiness of TEEs and computing assets.
We provide an open-source prototype implementation of SRAS to facilitate the adoption of this technology by cloud users or developers.
arXiv Detail & Related papers (2024-07-04T08:57:18Z)
- AgentScope: A Flexible yet Robust Multi-Agent Platform [66.64116117163755]
AgentScope is a developer-centric multi-agent platform with message exchange as its core communication mechanism.
The abundant syntactic tools, built-in agents and service functions, user-friendly interfaces for application demonstration and utility monitor, zero-code programming workstation, and automatic prompt tuning mechanism significantly lower the barriers to both development and deployment.
arXiv Detail & Related papers (2024-02-21T04:11:28Z)
- HasTEE+ : Confidential Cloud Computing and Analytics with Haskell [50.994023665559496]
Confidential computing enables the protection of confidential code and data in a co-tenanted cloud deployment using specialized hardware isolation units called Trusted Execution Environments (TEEs).
TEEs offer low-level C/C++-based toolchains that are susceptible to inherent memory safety vulnerabilities and lack language constructs to monitor explicit and implicit information-flow leaks.
We address the above with HasTEE+, a domain-specific language (DSL) embedded in Haskell that enables programming TEEs in a high-level language with strong type-safety.
arXiv Detail & Related papers (2024-01-17T00:56:23Z)
- Putting a Padlock on Lambda -- Integrating vTPMs into AWS Firecracker [49.1574468325115]
Software services place implicit trust in the cloud provider, without an explicit trust relationship.
There is currently no cloud provider that exposes Trusted Platform Module capabilities.
We improve trust by integrating a virtual TPM device into the Firecracker, originally developed by Amazon Web Services.
arXiv Detail & Related papers (2023-10-05T13:13:55Z)
- Auto-Split: A General Framework of Collaborative Edge-Cloud AI [49.750972428032355]
This paper describes the techniques and engineering practice behind Auto-Split, an edge-cloud collaborative prototype of Huawei Cloud.
To the best of our knowledge, there is no existing industry product that provides the capability of Deep Neural Network (DNN) splitting.
arXiv Detail & Related papers (2021-08-30T08:03:29Z)
- Reproducible Performance Optimization of Complex Applications on the Edge-to-Cloud Continuum [55.6313942302582]
We propose a methodology to support the optimization of real-life applications on the Edge-to-Cloud Continuum.
Our approach relies on a rigorous analysis of possible configurations in a controlled testbed environment to understand their behaviour.
Our methodology can be generalized to other applications in the Edge-to-Cloud Continuum.
arXiv Detail & Related papers (2021-08-04T07:35:14Z)
- secureTF: A Secure TensorFlow Framework [1.1006321791711173]
secureTF is a distributed machine learning framework based on TensorFlow for the cloud infrastructure.
SecureTF supports unmodified applications, while providing end-to-end security for the input data, ML model, and application code.
This paper reports on our experiences about the system design choices and the system deployment in production use-cases.
arXiv Detail & Related papers (2021-01-20T16:36:53Z)
- Machine Learning Algorithms for Active Monitoring of High Performance Computing as a Service (HPCaaS) Cloud Environments [0.0]
This paper explores the viability of engineering applications running on a cloud infrastructure configured as an HPC platform.
The engineering applications considered in this work include MCNP6, a radiation transport code developed by Los Alamos National Laboratory, OpenFOAM, an open source computational fluid dynamics code, and CADONFS, a numerical implementation of the general number field sieve algorithm used for prime number factorization.
arXiv Detail & Related papers (2020-09-26T01:29:19Z)
- A Privacy-Preserving Distributed Architecture for Deep-Learning-as-a-Service [68.84245063902908]
This paper introduces a novel distributed architecture for deep-learning-as-a-service.
It is able to preserve the user sensitive data while providing Cloud-based machine and deep learning services.
arXiv Detail & Related papers (2020-03-30T15:12:03Z)
This list is automatically generated from the titles and abstracts of the papers in this site.